DDOS Attacks Wane in US, May Result in Mass Bot Suicide

The emerging consensus among security analysts is that the attacks are not being executed by the North Korean government or some sophisticated hacker group. The malware is MyDoom being used is MyDoom, a very old program built largely for attacking the PCs it infects and deleting data on them rather than a DDOS. For a detailed analysis of the malware involved, see this report from South Korean anti-virus firm Hauri. Thanks for the tip to Brian Krebs at the Washington Post.

But the most interesting news is the revelation that the bot software has an option for self-destruction, one which the attackers might use to cover their tracks. The owners of the PCs in what appears to be a 50,000 system botnet in Asia would then find all the data on their computers destroyed.

In a way, it's more disturbing to find that the attacks are by some schmoe kid in Asia rather than a government, but it shouldn't be surprising. As Gadi Evron explains in this piece on DDOS and cyber wars, it's fairly easy to launch these attacks and you can't know who is really behind them. The way I see it, there's a big difference between a DDOS against a public, Internet-facing web site and successfully attacking the in-house systems of the agency that owns the site. As a friend of mine once said, a DDOS is like ringing someone's doorbell and running away. It doesn't do any real damage, but it's really bothersome. Eventually the attacker gets tired of it too.

It is still possible that the attacks are the unsophisticated work of North Korea or Dr. Evil or someone else we might otherwise consider sophisticated. The reason I would assume it is in fact some gang of kids is that it's reasonable to believe that some gang of kids would and could do this, and such things have happened in the past.

Automatic Renewal Program: Your subscription will continue without interruption for as long as you wish, unless
you instruct us otherwise. Your subscription will automatically renew at the end of the term unless you authorize
cancellation. Each year, you'll receive a notice and you authorize that your credit/debit card will be charged the
annual subscription rate(s). You may cancel at any time during your subscription and receive a full refund on all
unsent issues. If your credit/debit card or other billing method can not be charged, we will bill you directly instead. Contact Customer Service